Patch Tuesday - October 2021

Last updated at Tue, 12 Oct 2021 19:49:58 GMT

Today’s Patch Tuesday sees Microsoft issuing fixes for over 70 CVEs, affecting the usual mix of their product lines. From Windows, Edge, and Office, to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for workstation and server administrators alike.

One vulnerability has already been seen exploited in the wild: CVE-2021-40449 is an elevation of privilege vulnerability in all supported versions of Windows, including the newly released Windows 11. Rated as Important, this is likely being used alongside Remote Code Execution (RCE) and/or social engineering attacks to gain more complete control of targeted systems.

Three CVEs were publicly disclosed before today, though haven’t yet been observed in active exploitation. CVE-2021-40469 is an RCE vulnerability affecting Microsoft DNS servers, CVE-2021-41335 is another privilege escalation vulnerability in the Windows Kernel, and CVE-2021-41338 is a flaw in Windows AppContainer allowing attackers to bypass firewall rules.

Attackers will likely be paying attention to the latest Windows Print Spooler vulnerability – CVE-2021-36970 is a Spoofing vulnerability with a CVSSv3 score of 8.8 that we don’t yet have much more information about. Also worth noting is CVE-2021-40486, an RCE affecting Microsoft Word, OWA, as well as SharePoint Server, which can be exploited via the Preview Pane. CVE-2021-40487 is another RCE affecting SharePoint Server that Microsoft expects to be exploited before too long.

Another notable vulnerability is CVE-2021-26427, the latest in Exchange Server RCEs. The severity is mitigated by the fact that attacks are limited to a “logically adjacent topology,” meaning that it cannot be exploited directly over the public Internet. Three other vulnerabilities related to Exchange Server were also patched: CVE-2021-41350, a Spoofing vulnerability; CVE-2021-41348, allowing elevation of privilege; and CVE-2021-34453, which is a Denial of Service vulnerability.

Finally, virtualization administrators should be aware of two RCEs affecting Windows Hyper-V: CVE-2021-40461 and CVE-2021-38672. Both affect relatively new versions of Windows and are considered Critical, allowing a VM to escape from guest to host by triggering a memory allocation error, allowing it to read kernel memory in the host.

Summary Charts

Vulnerability Count by Severity (2021-Oct)

CVSSv3 Base Score Distribution (2021-Oct)

Vulnerability Count by Impact (2021-Oct)

Vulnerability Count by Component (2021-Oct)

Summary Tables

Apps Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-41363	Intune Management Extension Security Feature Bypass Vulnerability	No	No	4.2	Yes

Browser Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-37980	Chromium: CVE-2021-37980 Inappropriate implementation in Sandbox	No	No	N/A	Yes
CVE-2021-37979	Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC	No	No	N/A	Yes
CVE-2021-37978	Chromium: CVE-2021-37978 Heap buffer overflow in Blink	No	No	N/A	Yes
CVE-2021-37977	Chromium: CVE-2021-37977 Use after free in Garbage Collection	No	No	N/A	Yes
CVE-2021-37976	Chromium: CVE-2021-37976 Information leak in core	No	No	N/A	Yes
CVE-2021-37975	Chromium: CVE-2021-37975 Use after free in V8	No	No	N/A	Yes
CVE-2021-37974	Chromium: CVE-2021-37974 Use after free in Safe Browsing	No	No	N/A	Yes

Developer Tools Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-3450	OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT	No	No	N/A	Yes
CVE-2021-3449	OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing	No	No	N/A	Yes
CVE-2020-1971	OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference	No	No	N/A	Yes
CVE-2021-41355	.NET Core and Visual Studio Information Disclosure Vulnerability	No	No	5.7	Yes

ESU Windows Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-38663	Windows exFAT File System Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-40465	Windows Text Shaping Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-36953	Windows TCP/IP Denial of Service Vulnerability	No	No	7.5	No
CVE-2021-40460	Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability	No	No	6.5	Yes
CVE-2021-36970	Windows Print Spooler Spoofing Vulnerability	No	No	8.8	No
CVE-2021-41332	Windows Print Spooler Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2021-41331	Windows Media Audio Decoder Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-41342	Windows MSHTML Platform Remote Code Execution Vulnerability	No	No	6.8	Yes
CVE-2021-41335	Windows Kernel Elevation of Privilege Vulnerability	No	Yes	7.8	No
CVE-2021-40455	Windows Installer Spoofing Vulnerability	No	No	5.5	No
CVE-2021-26442	Windows HTTP.sys Elevation of Privilege Vulnerability	No	No	7	No
CVE-2021-41340	Windows Graphics Component Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38662	Windows Fast FAT File System Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-41343	Windows Fast FAT File System Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-40469	Windows DNS Server Remote Code Execution Vulnerability	No	Yes	7.2	Yes
CVE-2021-40443	Windows Common Log File System Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-40466	Windows Common Log File System Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-40467	Windows Common Log File System Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-40449	Win32k Elevation of Privilege Vulnerability	Yes	No	7.8	No
CVE-2021-40489	Storage Spaces Controller Elevation of Privilege Vulnerability	No	No	7.8	Yes

Exchange Server Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-41350	Microsoft Exchange Server Spoofing Vulnerability	No	No	6.5	No
CVE-2021-26427	Microsoft Exchange Server Remote Code Execution Vulnerability	No	No	9	Yes
CVE-2021-41348	Microsoft Exchange Server Elevation of Privilege Vulnerability	No	No	8	No
CVE-2021-34453	Microsoft Exchange Server Denial of Service Vulnerability	No	No	7.5	No

Microsoft Dynamics Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-40457	Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability	No	No	7.4	Yes
CVE-2021-41353	Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability	No	No	5.4	No
CVE-2021-41354	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	No	No	4.1	No

Microsoft Office Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-40486	Microsoft Word Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-40484	Microsoft SharePoint Server Spoofing Vulnerability	No	No	7.6	No
CVE-2021-40483	Microsoft SharePoint Server Spoofing Vulnerability	No	No	7.6	No
CVE-2021-41344	Microsoft SharePoint Server Remote Code Execution Vulnerability	No	No	8.1	No
CVE-2021-40487	Microsoft SharePoint Server Remote Code Execution Vulnerability	No	No	8.1	Yes
CVE-2021-40482	Microsoft SharePoint Server Information Disclosure Vulnerability	No	No	5.3	Yes
CVE-2021-40480	Microsoft Office Visio Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-40481	Microsoft Office Visio Remote Code Execution Vulnerability	No	No	7.1	Yes
CVE-2021-40471	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-40473	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-40474	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-40479	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-40485	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-40472	Microsoft Excel Information Disclosure Vulnerability	No	No	5.5	Yes

Microsoft Office Windows Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-40454	Rich Text Edit Control Information Disclosure Vulnerability	No	No	5.5	Yes

System Center Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-41352	SCOM Information Disclosure Vulnerability	No	No	7.5	Yes

Windows Vulnerabilities

CVE	Title	Exploited	Publicly Disclosed?	CVSSv3 Base Score	has FAQ?
CVE-2021-40464	Windows Nearby Sharing Elevation of Privilege Vulnerability	No	No	8	No
CVE-2021-40463	Windows NAT Denial of Service Vulnerability	No	No	7.7	No
CVE-2021-40462	Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-41336	Windows Kernel Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-38672	Windows Hyper-V Remote Code Execution Vulnerability	No	No	8	Yes
CVE-2021-40461	Windows Hyper-V Remote Code Execution Vulnerability	No	No	8	No
CVE-2021-40477	Windows Event Tracing Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-41334	Windows Desktop Bridge Elevation of Privilege Vulnerability	No	No	7	No
CVE-2021-40475	Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-40468	Windows Bind Filter Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-41347	Windows AppX Deployment Service Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-41338	Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability	No	Yes	5.5	No
CVE-2021-40476	Windows AppContainer Elevation Of Privilege Vulnerability	No	No	7.5	No
CVE-2021-40456	Windows AD FS Security Feature Bypass Vulnerability	No	No	5.3	Yes
CVE-2021-40450	Win32k Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-41357	Win32k Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-40478	Storage Spaces Controller Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-40488	Storage Spaces Controller Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-26441	Storage Spaces Controller Elevation of Privilege Vulnerability	No	No	7.8	Yes
CVE-2021-41345	Storage Spaces Controller Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-41330	Microsoft Windows Media Foundation Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-41339	Microsoft DWM Core Library Elevation of Privilege Vulnerability	No	No	4.7	No
CVE-2021-40470	DirectX Graphics Kernel Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-41346	Console Window Host Security Feature Bypass Vulnerability	No	No	5.3	No
CVE-2021-41337	Active Directory Security Feature Bypass Vulnerability	No	No	4.9	Yes
CVE-2021-41361	Active Directory Federation Server Spoofing Vulnerability	No	No	5.4	Yes

Patch Tuesday - October 2021

Summary Charts

Summary Tables

Apps Vulnerabilities

Browser Vulnerabilities

Developer Tools Vulnerabilities

ESU Windows Vulnerabilities

Exchange Server Vulnerabilities

Microsoft Dynamics Vulnerabilities

Microsoft Office Vulnerabilities

Microsoft Office Windows Vulnerabilities

System Center Vulnerabilities

Windows Vulnerabilities

POST TAGS

SHARING IS CARING

AUTHOR

Topics

Popular Tags

Related Posts

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.

Patch Tuesday - October 2021

Summary Charts

Summary Tables

Apps Vulnerabilities

Browser Vulnerabilities

Developer Tools Vulnerabilities

ESU Windows Vulnerabilities

Exchange Server Vulnerabilities

Microsoft Dynamics Vulnerabilities

Microsoft Office Vulnerabilities

Microsoft Office Windows Vulnerabilities

System Center Vulnerabilities

Windows Vulnerabilities

POST TAGS

SHARING IS CARING

AUTHOR

Topics

Popular Tags

Related Posts

Related Posts

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.

Never miss a blog